Overview
Build a Learning Habit
Download Class Central's free printable study calendar
Download for Free
Explore a comprehensive analysis of amateur DarkComet Remote Access Trojan (RAT) operators' behavior in this 18-minute IEEE conference talk. Delve into the findings of a large-scale study that monitored 2,747 interactive sessions, revealing insights into operator motives, intentions, and procedures. Learn about the versatility of RATs, their increasing use in various malicious activities, and the gaps in understanding that this research aims to fill. Discover the experimental setup using honeypot environments, the reconstruction of operator action sequences, and the common patterns observed, including remote desktop interactions, video and audio capture, keystroke logging, and data exfiltration. Gain valuable knowledge about potential weak points in RAT operations and discuss the implications for developing more effective defense strategies against these threats.
Syllabus
Intro
Remote Access Trojans
Low Barrier to Entry
Widespread Usage
Research Questions & Motivation
Experimental Biases
(Attempted) User Monitoring
Credential Theft
Filesystem Access
Remote Desktop
Common Patterns of Action
Tarpit Defense
Conclusion
Taught by
IEEE Symposium on Security and Privacy